SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
I have used rkhunter and chkrootkit to check my system for rootkits. Chkrootkit finds nothing, while rkhunter has listed some 'warnings' for me. I have no idea what I am supposed to do with these warnings. Are they false positives? Are they evidence of rootkits? I don't have a clue.
Distribution: slackware64 13.37 and -current, Dragonfly BSD
Posts: 1,810
Rep:
The warnings are just warning you about settings that are standard to a stock Slackware setup - they are nothing to worry about.
The scripts mentioned are supposed to be scripts, the services activated are on by default in /etc/inetd.conf and the stock setup file /etc/ssh/sshd_config comments out the PermitRootLogin setting.
If you have sshd and inetd running I'd suggest a couple of changes.
On the Slackware 12.0 box I'm looking at now, PermitRootLogin defaults to yes, so you should set it to no. The Protocol setting defaults to 2,1 and should be set to 2. I've also commented out all except the services I actually use in /etc/inetd.conf (imaps and cvspserver on this box).
You can also ask questions regarding rkhunter on their mailing list. You'll probably see someone has already asked this question before anyway. This is a link to the project page on sourceforge.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
rkhunter output help
